76a0354da02532228d214dc9dc4f55a2fba69752128f120b58e1a78887157b0d | Triage

Sharing

General

Target

b393bd30cb228c79955ffd0d7a227873_JaffaCakes118
Size

285KB
Sample

240821-qdd1mszdrc
MD5

b393bd30cb228c79955ffd0d7a227873
SHA1

489aa108ba81d4445a8120c36769884d252e5b4e
SHA256

76a0354da02532228d214dc9dc4f55a2fba69752128f120b58e1a78887157b0d
SHA512

3e71b684a89b09ae9241fe4648923713aed8ae7abb9bd19e2e514651e941913a527573815145a4d1e6eab80e002c4d0dc866347d573b5114c0a5b2d6e0ef09c2
SSDEEP

6144:p8PHVcQ+2BePnsE1yLvBDpIsBxsQJxSIL6NN5K5LPbf+R:pMmaJEmpI22P5WP

Score

8^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  b393bd30cb228c79955ffd0d7a227873_JaffaCakes118
- Size
  
  285KB
- MD5
  
  b393bd30cb228c79955ffd0d7a227873
- SHA1
  
  489aa108ba81d4445a8120c36769884d252e5b4e
- SHA256
  
  76a0354da02532228d214dc9dc4f55a2fba69752128f120b58e1a78887157b0d
- SHA512
  
  3e71b684a89b09ae9241fe4648923713aed8ae7abb9bd19e2e514651e941913a527573815145a4d1e6eab80e002c4d0dc866347d573b5114c0a5b2d6e0ef09c2
- SSDEEP
  
  6144:p8PHVcQ+2BePnsE1yLvBDpIsBxsQJxSIL6NN5K5LPbf+R:pMmaJEmpI22P5WP
Score

8^/10

discovery evasion persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Active Setup

Privilege Escalation

Boot or Logon Autostart Execution

Active Setup

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2